Kairos Health Arizona, Inc. ("Kairos") provides public entity
health care solutions and is issuing notice regarding a data
security incident that may have involved health information of
certain individuals. At this time, there is no evidence of any
attempt to misuse the health information of any individuals
affected by the incident. Kairos was able to successfully contain
the incident and implemented additional security protocols.
PHOENIX, June 19,
2024 /PRNewswire-PRWeb/ -- Phoenix, Arizona, June
18, 2024 /PRNewswire/ -- Kairos Health Arizona, Inc.
("Kairos") provides public entity health care solutions and is
issuing notice regarding a data security incident that may have
exposed health information of certain individuals. At this time,
there is no evidence of any attempt to misuse the health
information of any individuals affected by the incident. This
notice explains: (1) the incident; (2) measures Kairos has taken;
and (3) additional steps potentially affected individuals may
consider taking in response.
What Happened
On March 29, 2024, Kairos
discovered that a former third-party Kairos consultant accessed
certain Kairos data without authorization. Kairos immediately began
an investigation and determined that the former Kairos consultant
accessed and downloaded a limited amount of data from a Kairos
database between November 2, 2023,
and March 29, 2024. As soon as Kairos
became aware of the incident, Kairos promptly terminated the former
consultant's access to the Kairos database and conducted a forensic
investigation.
Kairos learned on April 19, 2024,
that the data accessed may have included health information. Upon
further investigation, Kairos determined in mid-June 2024 that a reportable security incident
had occurred. Kairos then conducted a thorough review of the data
to determine which specific individuals' information may have been
impacted and worked to obtain addresses and notify these
individuals as quickly as possible.
What Information Was Involved
The information involved may have included individuals' names,
health insurance identification numbers, health insurance claims
and coverage information, and limited health information. Each
affected individual may have been impacted differently and thus not
all the elements were present for each individual. Social Security
numbers, driver's license numbers, credit card numbers, and
financial account numbers were not impacted.
What Kairos is Doing
Kairos takes customer privacy and security of information in its
care very seriously. To help prevent a similar type of incident
from occurring in the future, Kairos has implemented and will
continue implementing additional security protocols designed to
enhance the security of its network, internal systems, and
applications. Kairos will also continue to evaluate additional
steps that may be taken to further increase its defenses.
While Kairos does not have any information to suggest that any
personal information has been used maliciously, Kairos is mailing
written notice to individuals whose personal information may have
been involved. These notices include resources that individuals can
reference to further protect their information.
What Individuals Can Do
Individuals who do not receive mailed written notice of this
incident but believe they may be affected or who have questions
about this incident that are not addressed above may call
888.596.5037, Monday through Friday, between
9:00 AM and 9:00 PM Eastern Time.
About: Kairos Health Arizona, Inc., is an employee benefits pool
created exclusively for public entities in Arizona: www.kairoshealthaz.org.
Media Contact
Tanya Edwards, Kairos Health
Arizona, Inc., 1 602 845 6153, tanya.edwards@kairoshealthaz.org,
www.kairoshealthaz.org
View original content to download
multimedia:https://www.prweb.com/releases/data-security-incident---kairos-health-arizona-inc-kairos-302176406.html
SOURCE Kairos Health Arizona, Inc.